Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1100
Views
0
Helpful
1
Replies

Cisco ironport Web DNS and NTLM Realm

mohamed fayz
Level 1
Level 1

‎08-25-2013 09:18 AM

Hai Dears,

Today we faced one issue with ironport Web adding NTLM authentication with AD. In our scenario, WSA is inDMZ interface. and the data traffic is passed via DMZ interface to internet.

In deployement method, we used in Network -> DNS -.>  root dns server (public) and interface as Data.

When we try to integrate our WSA box with AD via NTLM, the DNS is not getting resolved for our wsa hostname, AD servers. We can see the AD hostname in the error. So, how we are getting the AD hostname in the error eventhough it is not resolve by DNS???

Labels:
0 Helpful
1 Reply 1

Vance Kwan
Cisco Employee
Cisco Employee

‎08-27-2013 11:55 PM

Hi Dears,

There is a hidden command on the WSA's CLI.  Go to the CLI, and use the command dnsconfig > new > localhost.  Add the host names and IP addresses that it is missing using that option.

Is there any specific reason why you would want to use the Internet Root DNS servers?

-Vance

0 Helpful
Customers Also Viewed These Support Documents